Report false positive mod_sec rules

samy.janson

Junior Member

Join Date: Mar 2021
Posts: 15

01-02-2020, 02:13 PM

Hello,

From time to time we see FP mod_sec rules and need to disable them for a user or on all servers.
But what is the best way to report it to you so you can fix it?

In this case its this rule for Apache:

Code:

77230780: IM360 WAF: XSS vulnerability in Ultimate Member - User Profile & Membership plugin 2.0.29 and before 2.0.28 for WordPress (CVE-2018-17866)||MVN:ARGS_POST:um_options[welcome_email]||MV: style="max-width: 560px; padding: 20px; background: #ffffff; border-radius: 5px; margin: 40px auto; font-family: Open Sans,Helvetica,Arial; font-size: 15px; color: #666;">
 style="color: #444444; font-weight: normal;">
 style="text-align: center; font-weight: 600; font-size: 26px; padding: 10px 0; border-bottom: solid 3px #eeeeee;">{site_name}>
 style="clear: both;">xc2xa0>
>
 style="padding: 0 30px 30px 30px; border-bottom: 3px solid #eeeeee;">
 style="padding: 30px 0; font-size: 24px; text-align: center; line-height

Customer has version 2.1.2 of this WP plugin.

Tags: None

skhristich

Senior Member

Join Date: Nov 2019

Posts: 595
- Share
- Tweet
#2

01-02-2020, 03:48 PM

Hello Morten,
At the moment there is no mechanism to report false by the rules, only files https://docs.imunify360.com/command_...false-negative. You can do this with a ticket indicating the number of the rule that must be made false. Please let us know if you have any questions.
Thanks in advance!
Comment

Announcement

Report false positive mod_sec rules

Report false positive mod_sec rules

Comment